← Back

CVE-2019-4399

nvd nist
Published: Oct 25, 2019Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 162260.

Affected (4)

Ibm
1 product
Cloud Orchestrator
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Cloud Orchestrator
From 2.4.0.0 to 2.4.0.5
Cloud Orchestrator
From 2.5.0.0 to 2.5.0.9
Cloud Orchestrator
From 2.4.0.0 to 2.4.0.5
Cloud Orchestrator
From 2.5.0.0 to 2.5.0.9

Related CWEs

CWE-327
Use of a Broken or Risky Cryptographic Algorithm
The product uses a broken or risky cryptographic algorithm or protocol.

References (4)

Source: psirt@us.ibm.com
VDB EntryVendor Advisory
Source: psirt@us.ibm.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
VDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.